DOCSLIB.ORG

Powershell Security  Limit Language Features  Secure Communication  Track Abuse

Total Page:16

File Type:pdf, Size:1020Kb

Download full-text PDF Read full-text
Powershell Security  Limit Language Features  Secure Communication  Track Abuse PowerShell Security Limit language features Secure communication Track abuse Michael Pietroforte Wolfgang Sommergut Cover Designer: Claudia Wolff 1. Edition 2020 ISBN: 9781672847827 © 2020 WindowsPro / Wolfgang Sommergut All rights reserved. No portion of this book may be reproduced in any form without permission from the publisher, except as permitted by U.S. copy- right law. Every effort has been made to ensure that the content provided in this book is accurate and helpful for our readers at publishing time. However, this is not an exhaustive treatment of the subjects. No liability is assumed for losses or damages due to the information provided. You are responsi- ble for your own choices, actions, and results. Michael Pietroforte Wolfgang Sommergut PowerShell Security Limit language features, secure communications, track abuse Control execution of scripts using execution policy, code signing and constrained language mode Secure PowerShell remoting with SSH und TLS Delegate administrative tasks with JEA Audit and analyze PowerShell activities, encrypt logs Improve code quality following best practices About the authors Michael Pietroforte is the founder and editor in chief of 4sysops. He has more than 35 years of experience in IT management and system administration. Wolfgang Sommergut has over 20 years of expe- rience in IT journalism. He has also worked as a system administrator and as a tech consultant. Today he runs the German publication WindowsPro.de. Table of contents 1 PowerShell as a hacking tool: Prevent abuse of scripts .................... 8 1.1 Lax default configuration of PowerShell ................................... 9 1.2 Hacking tools for PowerShell .................................................. 10 1.3 General blocking of PowerShell .............................................. 12 1.4 Circumvention through alternative shells ............................... 14 1.5 Secure PowerShell with integrated mechanisms .................... 15 2 Restrict execution of scripts ............................................................ 20 2.1 Setting an execution policy ..................................................... 20 2.2 Signing PowerShell scripts ....................................................... 25 2.3 Reduce PowerShell risks with Constrained Language Mode ... 36 3 Secure communication ................................................................... 48 3.1 Installing OpenSSH on Windows 10 and Server 2019 ............. 48 3.2 PowerShell remoting with SSH public key authentication ...... 57 3.3 Creating a self-signed certificate ............................................. 64 3.4 Remoting over HTTPS with a self-signed certificate ................ 71 4 Just Enough Administration ............................................................ 81 4.1 JEA Session Configuration ....................................................... 81 4.2 Defining and assigning role functions ..................................... 92 5 Audit PowerShell activities .............................................................. 98 5.1 Log commands in a transcription file ...................................... 98 5.2 Scriptblock logging: Record commands in the event log ...... 106 5.3 Issuing certificates for document encryption ....................... 112 5.4 Encrypt event logs and files with PowerShell and GPO ......... 119 5.5 Audit PowerShell keys in the registry .................................... 127 6 Improve PowerShell code ............................................................. 134 6.1 Avoiding errors using strict mode ......................................... 134 6.2 Checking code with ScriptAnalyzer ....................................... 140 7 More security with ScriptRunner .................................................. 145 7.1 PowerShell management solution ........................................ 145 7.2 Five steps to safe automation and delegation ...................... 146 7.3 Additional information .......................................................... 151 Lax default configuration of PowerShell 1 PowerShell as a hacking tool: Prevent abuse of scripts PowerShell is a powerful tool for system administration and as such also a perfect means for hackers. Due to the tight integration into the system, attempts to simply block PowerShell provide a false impression of security. The best protection is provided by PowerShell's own mechanisms. PowerShell offers almost unlimited access to the resources of a Windows computer and also can automate numerous applications such as Ex- change. Users aren't limited to the many modules and cmdlets, but can also integrate .NET classes, Windows APIs, and COM objects. These capa- bilities are particularly dangerous in the hands of attackers. Since many versions of With Windows Server, Microsoft avoids to activate any roles and features on a freshly installed machine in order to minimize the attack surface. On such a locked down system users must explicitly add all required services. 8 Lax default configuration of PowerShell 1.1 Lax default configuration of PowerShell However with PowerShell, the full range of functions is available from the start on every Windows PC, if you put aside the "protection" by a restric- tive execution policy. However, it is not recommended to leave this state as it is. You don't only have to fear malicious PowerShell experts who can exploit all potentials of a script. In fact, even basic knowledge is sufficient to pen- etrate systems with the help of various hacking tools. 9 Hacking tools for PowerShell 1.2 Hacking tools for PowerShell Quite a number of them can be easily obtained as open source via Github. These include the extensive script and module collections PowerSploit, PowerShell Empire, Nishang or PowerUp. You might assume that your computers are well protected by virus scan- ners which detect and block these hacking tools. In fact, Windows De- fender, for example, intervenes after the download and quarantines the scripts. Windows Defender prevents the download of PowerSploit However, in contrast to binary files, scripts can be changed quite easily to fool a signature based recognition. For example, you can copy Invoke- Mimikatz from the browser window and paste it into an editor like Pow- erShell_ISE to experiment with the code. 10 Hacking tools for PowerShell This blog post by Carrie Roberts demonstrates how to outwit most virus scanners by searching and replacing a few significant code snippets. At this point, the technique discussed there may not be up to date any more, but a bit of experimenting will probably reveal how virus scanners detect this script. Otherwise, various AMSI-Bypasses can help you to overwhelm Win- dows Defender. 11 General blocking of PowerShell 1.3 General blocking of PowerShell To prevent such threats, many companies will take a radical measure and disable PowerShell altogether. In centrally managed environments, black- listing with AppLocker or the Software Restriction Policies is an effective solution. If you decide to use the software restriction, you create two new hash rules and connect them to powershell.exe and powershell_ise.exe. For the security level choose Not allowed. If you block the programs at the user level, admins can be excluded. Blocking powershell.exe with software restriction policies This approach has two disadvantages. Firstly, it can be an obstacle to sys- tem administration, because PowerShell has become an indispensable 12 General blocking of PowerShell tool for most admins. For example, PowerShell logon scripts that are exe- cuted in the security context of a user will no longer work. 13 Circumvention through alternative shells 1.4 Circumvention through alternative shells More serious, however, is that PowerShell comprises more than just pow- ershell.exe or power-shell_ise.exe and therefore cannot be permanently blocked by denying access to these two files. Rather, it is a system compo- nent (System.Management.Automation) that cannot be removed and can be used by various runspaces. Attackers could thus access PowerShell from any of their own programs. It is therefore no surprise that already shells exist that can be integrated into your own code or that can be executed directly. Among them are p0wnedShell or PowerOPS. In addition, numerous versions of PowerShell 6 and 7 are available for download in ZIP format, which can be easily unpacked into a directory and executed. Frequent previews of PowerShell 7 would keep admins busy, because they always have to create new rules to cover all these versions. And last but not least, another workaround is to compile PowerShell- Scripts into executable files. They are also not dependent on pow- ershell.exe. 14 Secure PowerShell with integrated mechanisms 1.5 Secure PowerShell with integrated mechanisms Instead of completely banishing PowerShell without achieving real secu- rity, it makes more sense to use its security features. These were further improved with version 5, so that you should update PCs to the latest ver- sion of PowerShell. It is also highly recommended to remove PowerShell 2.0, which is still pre- installed as an optional feature and can be uninstalled in Windows 8.1 and Server 2012 or higher. With this old version, all major restrictions for Pow- erShell can be circumvented. PowerShell 2.0 is an optional feature starting with Windows 8 and Server 2012 and is ena- bled by default. 15 Secure PowerShell with integrated mechanisms One of the key security mechanisms of Windows PowerShell is the Con- strained Language
Load more

Recommended publications
  • NTFS • Windows Reinstallation – Bypass ACL • Administrators Privilege – Bypass Ownership
    Windows Encrypting File System Motivation • Laptops are very integrated in enterprises… • Stolen/lost computers loaded with confidential/business data • Data Privacy Issues • Offline Access – Bypass NTFS • Windows reinstallation – Bypass ACL • Administrators privilege – Bypass Ownership www.winitor.com 01 March 2010 Windows Encrypting File System Mechanism • Principle • A random - unique - symmetric key encrypts the data • An asymmetric key encrypts the symmetric key used to encrypt the data • Combination of two algorithms • Use their strengths • Minimize their weaknesses • Results • Increased performance • Increased security Asymetric Symetric Data www.winitor.com 01 March 2010 Windows Encrypting File System Characteristics • Confortable • Applying encryption is just a matter of assigning a file attribute www.winitor.com 01 March 2010 Windows Encrypting File System Characteristics • Transparent • Integrated into the operating system • Transparent to (valid) users/applications Application Win32 Crypto Engine NTFS EFS &.[ßl}d.,*.c§4 $5%2=h#<.. www.winitor.com 01 March 2010 Windows Encrypting File System Characteristics • Flexible • Supported at different scopes • File, Directory, Drive (Vista?) • Files can be shared between any number of users • Files can be stored anywhere • local, remote, WebDav • Files can be offline • Secure • Encryption and Decryption occur in kernel mode • Keys are never paged • Usage of standardized cryptography services www.winitor.com 01 March 2010 Windows Encrypting File System Availibility • At the GUI, the availibility
    [Show full text]
  • Windows 7 Operating Guide
    Welcome to Windows 7 1 1 You told us what you wanted. We listened. This Windows® 7 Product Guide highlights the new and improved features that will help deliver the one thing you said you wanted the most: Your PC, simplified. 3 3 Contents INTRODUCTION TO WINDOWS 7 6 DESIGNING WINDOWS 7 8 Market Trends that Inspired Windows 7 9 WINDOWS 7 EDITIONS 10 Windows 7 Starter 11 Windows 7 Home Basic 11 Windows 7 Home Premium 12 Windows 7 Professional 12 Windows 7 Enterprise / Windows 7 Ultimate 13 Windows Anytime Upgrade 14 Microsoft Desktop Optimization Pack 14 Windows 7 Editions Comparison 15 GETTING STARTED WITH WINDOWS 7 16 Upgrading a PC to Windows 7 16 WHAT’S NEW IN WINDOWS 7 20 Top Features for You 20 Top Features for IT Professionals 22 Application and Device Compatibility 23 WINDOWS 7 FOR YOU 24 WINDOWS 7 FOR YOU: SIMPLIFIES EVERYDAY TASKS 28 Simple to Navigate 28 Easier to Find Things 35 Easy to Browse the Web 38 Easy to Connect PCs and Manage Devices 41 Easy to Communicate and Share 47 WINDOWS 7 FOR YOU: WORKS THE WAY YOU WANT 50 Speed, Reliability, and Responsiveness 50 More Secure 55 Compatible with You 62 Better Troubleshooting and Problem Solving 66 WINDOWS 7 FOR YOU: MAKES NEW THINGS POSSIBLE 70 Media the Way You Want It 70 Work Anywhere 81 New Ways to Engage 84 INTRODUCTION TO WINDOWS 7 6 WINDOWS 7 FOR IT PROFESSIONALS 88 DESIGNING WINDOWS 7 8 WINDOWS 7 FOR IT PROFESSIONALS: Market Trends that Inspired Windows 7 9 MAKE PEOPLE PRODUCTIVE ANYWHERE 92 WINDOWS 7 EDITIONS 10 Remove Barriers to Information 92 Windows 7 Starter 11 Access
    [Show full text]
  • Pass-The-Hash Attacks
    Pass-the-Hash Attacks Michael Grafnetter www.dsinternals.com Agenda . PtH Attack Anatomy . Mitigation – Proactive – Reactive . Windows 10 + Windows Server 2016 PtH History and Future . 1988 – Microsoft releases Lan Manager . 1997 – Pass-the-Hash demonstrated using a modified Samba . 2007 – Benjamin Delpy releases Mimikatz . 2008 – Pass-the-Ticket attack demonstrated . 2012 – Microsoft releases Pass-the-Hash guidance . 2013 – Windows contains built-in defenses against PtH . 2015 – Michael Grafnetter releases the DSInternals tools ;-) . 2016 – More defense mechanisms coming to Windows PtH Attack Anatomy Theft Use Compromise Lateral and Vertical Movement Metasploit Framework Metasploit Framework Mimikatz DEMO Pass-the-Hash + RDP LSASS NTLM Hashes Passing the Hash PtH Attack Premises Single Symmetric Pass-the-Hash Sign-On Cryptography Attack Surface Stealing the Hash Credentials Lifecycle / Attack Vectors Credentials Lifecycle / Attack Vectors Hashes in SAM/AD Authentication Method Hash Function Salted LM DES NO NTLM, NTLMv2 MD4 NO Kerberos (RC4) MD4 NO Kerberos (AES) PBKDF2 (4096*HMAC_SHA1) YES Digest MD5 YES Active Directory Database - Offline . Files – C:\Windows\NTDS\ntds.dit – C:\Windows\System32\config\SYSTEM . Acquire – Locally: ntdsutil IFM – Remotely: WMI (Win32_Process), psexec – Offline: VHDs, VMDKs, Backups . Extract – Windows: DSInternals PowerShell Module – Linux: NTDSXtract DEMO Extracting hashes from ntds.dit GUI Tools KRBTGT Account Proactive Measures . Encryption . RODC . Backup protection . Regular password changes Active Directory Database - Online . MS-DRSR/RPC Go to www.dsinternals.com for demo ;-) Proactive Measures . Avoid using administrative accounts . Do not run untrusted SW . Do not delegate the right to replicate directory changes . Use an application firewall / IDS ??? SAM Database . Offline – Files • C:\Windows\System32\config\SAM • C:\Windows\System32\config\SYSTEM – Tools • Windows Password Recovery .
    [Show full text]
  • Administrative Guide for Windows 10 and Windows Server Fall Creators Update (1709)
    Operational and Administrative Guidance Microsoft Windows 10 and Windows Server Common Criteria Evaluation for Microsoft Windows 10 and Windows Server Version 1903 (May 2019 Update) General Purpose Operating System Protection Profile © 2019 Microsoft. All rights reserved. Microsoft Windows 10 GP OS Administrative Guidance Copyright and disclaimer The information contained in this document represents the current view of Microsoft Corporation on the issues discussed as of the date of publication. Because Microsoft must respond to changing market conditions, it should not be interpreted to be a commitment on the part of Microsoft, and Microsoft cannot guarantee the accuracy of any information presented after the date of publication. This document is for informational purposes only. MICROSOFT MAKES NO WARRANTIES, EXPRESS OR IMPLIED, AS TO THE INFORMATION IN THIS DOCUMENT. Complying with all applicable copyright laws is the responsibility of the user. This work is licensed under the Creative Commons Attribution-NoDerivs-NonCommercial VLicense (which allows redistribution of the work). To view a copy of this license, visithttp://creativecommons.org/licenses/by-nd-nc/1.0/ or send a letter to Creative Commons, 559 Nathan Abbott Way, Stanford, California 94305, USA. Microsoft may have patents, patent applications, trademarks, copyrights, or other intellectual property rights covering subject matter in this document. Except as expressly provided in any written license agreement from Microsoft, the furnishing of this document does not give you any license to these patents, trademarks, copyrights, or other intellectual property. The example companies, organizations, products, people and events depicted herein are fictitious. No association with any real company, organization, product, person or event is intended or should be inferred.
    [Show full text]
  • Active @ UNDELETE Users Guide | TOC | 2
    Active @ UNDELETE Users Guide | TOC | 2 Contents Legal Statement..................................................................................................4 Active@ UNDELETE Overview............................................................................. 5 Getting Started with Active@ UNDELETE........................................................... 6 Active@ UNDELETE Views And Windows......................................................................................6 Recovery Explorer View.................................................................................................... 7 Logical Drive Scan Result View.......................................................................................... 7 Physical Device Scan View................................................................................................ 8 Search Results View........................................................................................................10 Application Log...............................................................................................................11 Welcome View................................................................................................................11 Using Active@ UNDELETE Overview................................................................. 13 Recover deleted Files and Folders.............................................................................................. 14 Scan a Volume (Logical Drive) for deleted files..................................................................15
    [Show full text]
  • GNU Grep: Print Lines That Match Patterns Version 3.7, 8 August 2021
    GNU Grep: Print lines that match patterns version 3.7, 8 August 2021 Alain Magloire et al. This manual is for grep, a pattern matching engine. Copyright c 1999{2002, 2005, 2008{2021 Free Software Foundation, Inc. Permission is granted to copy, distribute and/or modify this document under the terms of the GNU Free Documentation License, Version 1.3 or any later version published by the Free Software Foundation; with no Invariant Sections, with no Front-Cover Texts, and with no Back-Cover Texts. A copy of the license is included in the section entitled \GNU Free Documentation License". i Table of Contents 1 Introduction ::::::::::::::::::::::::::::::::::::: 1 2 Invoking grep :::::::::::::::::::::::::::::::::::: 2 2.1 Command-line Options ::::::::::::::::::::::::::::::::::::::::: 2 2.1.1 Generic Program Information :::::::::::::::::::::::::::::: 2 2.1.2 Matching Control :::::::::::::::::::::::::::::::::::::::::: 2 2.1.3 General Output Control ::::::::::::::::::::::::::::::::::: 3 2.1.4 Output Line Prefix Control :::::::::::::::::::::::::::::::: 5 2.1.5 Context Line Control :::::::::::::::::::::::::::::::::::::: 6 2.1.6 File and Directory Selection:::::::::::::::::::::::::::::::: 7 2.1.7 Other Options ::::::::::::::::::::::::::::::::::::::::::::: 9 2.2 Environment Variables:::::::::::::::::::::::::::::::::::::::::: 9 2.3 Exit Status :::::::::::::::::::::::::::::::::::::::::::::::::::: 12 2.4 grep Programs :::::::::::::::::::::::::::::::::::::::::::::::: 13 3 Regular Expressions ::::::::::::::::::::::::::: 14 3.1 Fundamental Structure ::::::::::::::::::::::::::::::::::::::::
    [Show full text]
  • Guide to Hardening Windows 10 Technical Guide
    NOVEMBER 2020 Guide to Hardening Windows 10 For Administrators, Developers and Office Workers TABLE OF CONTENTS Introduction .......................................................................................................................... 4 Prerequisites ............................................................................................................................ 4 User roles ................................................................................................................................. 4 EFI (BIOS) Configuration ...................................................................................................... 5 To be enabled: ......................................................................................................................... 5 To be disabled: ......................................................................................................................... 5 Windows Defender Firewall .................................................................................................. 6 Enable logging of dropped packets ............................................................................................. 6 Disable enforcement of local rules and disable notifications .......................................................... 7 Block outbound connections by default ....................................................................................... 8 Secure potentially vulnerable protocols ......................................................................................
    [Show full text]
  • Cygwin User's Guide
    Cygwin User’s Guide Cygwin User’s Guide ii Copyright © Cygwin authors Permission is granted to make and distribute verbatim copies of this documentation provided the copyright notice and this per- mission notice are preserved on all copies. Permission is granted to copy and distribute modified versions of this documentation under the conditions for verbatim copying, provided that the entire resulting derived work is distributed under the terms of a permission notice identical to this one. Permission is granted to copy and distribute translations of this documentation into another language, under the above conditions for modified versions, except that this permission notice may be stated in a translation approved by the Free Software Foundation. Cygwin User’s Guide iii Contents 1 Cygwin Overview 1 1.1 What is it? . .1 1.2 Quick Start Guide for those more experienced with Windows . .1 1.3 Quick Start Guide for those more experienced with UNIX . .1 1.4 Are the Cygwin tools free software? . .2 1.5 A brief history of the Cygwin project . .2 1.6 Highlights of Cygwin Functionality . .3 1.6.1 Introduction . .3 1.6.2 Permissions and Security . .3 1.6.3 File Access . .3 1.6.4 Text Mode vs. Binary Mode . .4 1.6.5 ANSI C Library . .4 1.6.6 Process Creation . .5 1.6.6.1 Problems with process creation . .5 1.6.7 Signals . .6 1.6.8 Sockets . .6 1.6.9 Select . .7 1.7 What’s new and what changed in Cygwin . .7 1.7.1 What’s new and what changed in 3.2 .
    [Show full text]
  • Scons API Docs Version 4.2
    SCons API Docs version 4.2 SCons Project July 31, 2021 Contents SCons Project API Documentation 1 SCons package 1 Module contents 1 Subpackages 1 SCons.Node package 1 Submodules 1 SCons.Node.Alias module 1 SCons.Node.FS module 9 SCons.Node.Python module 68 Module contents 76 SCons.Platform package 85 Submodules 85 SCons.Platform.aix module 85 SCons.Platform.cygwin module 85 SCons.Platform.darwin module 86 SCons.Platform.hpux module 86 SCons.Platform.irix module 86 SCons.Platform.mingw module 86 SCons.Platform.os2 module 86 SCons.Platform.posix module 86 SCons.Platform.sunos module 86 SCons.Platform.virtualenv module 87 SCons.Platform.win32 module 87 Module contents 87 SCons.Scanner package 89 Submodules 89 SCons.Scanner.C module 89 SCons.Scanner.D module 93 SCons.Scanner.Dir module 93 SCons.Scanner.Fortran module 94 SCons.Scanner.IDL module 94 SCons.Scanner.LaTeX module 94 SCons.Scanner.Prog module 96 SCons.Scanner.RC module 96 SCons.Scanner.SWIG module 96 Module contents 96 SCons.Script package 99 Submodules 99 SCons.Script.Interactive module 99 SCons.Script.Main module 101 SCons.Script.SConsOptions module 108 SCons.Script.SConscript module 115 Module contents 122 SCons.Tool package 123 Module contents 123 SCons.Variables package 125 Submodules 125 SCons.Variables.BoolVariable module 125 SCons.Variables.EnumVariable module 125 SCons.Variables.ListVariable module 126 SCons.Variables.PackageVariable module 126 SCons.Variables.PathVariable module 127 Module contents 127 SCons.compat package 129 Module contents 129 Submodules 129 SCons.Action
    [Show full text]
  • Aspera CLI User Guide
    Aspera Command- Line Interface Guide 3.7.7 Mac OS X Revision: 74 Generated: 09/25/2018 16:52 Contents Introduction............................................................................................................... 3 System Requirements............................................................................................... 3 Installation................................................................................................................. 3 Installing the Aspera CLI.....................................................................................................................................3 Configuring for Faspex.........................................................................................................................................4 Configuring for Aspera on Cloud........................................................................................................................ 4 Uninstalling........................................................................................................................................................... 5 aspera: The Command-Line Transfer Client........................................................ 5 About the Command-Line Client.........................................................................................................................5 Prerequisites.......................................................................................................................................................... 6 aspera Command Reference................................................................................................................................
    [Show full text]
  • Copyrighted Material
    Index Note to the Reader: Throughout this index boldfaced page numbers indicate primary discussions of a topic. Italicized page numbers indicate illustrations. IUSR_computername account, 274–275 Numbers disabling, 61 mapping certificates to, 283–286 3DES, 125–126, 416, 494 user accounts, configuring for 802.1x standard (IEEE), 181–184, 494 delegation, 46 authentication for, 182 ACEs (Access Control Entries) combining VPNs with, 190 authentication for clients, 494 802.11a standard (IEEE), 494 in Discretionary Access Control List, 7 vs. 802.11b, 170 Active Directory (AD), 3, 494 802.11b standard (IEEE), 494 assigning GPO to container in, 28 for certificate store, 404 Configuration container for certificate templates, 360 A mapping certificates to accounts, 283–286 Access Control Entries (ACEs), 494 in mixed mode, 324 in Discretionary Access Control List, 7 publishing certificates through, 404–409 Access Control List (ACL), 494 in child domain, 406–409 Access Control Settings dialog box, 16 from standalone online CA, 404–406 Auditing tab, 16, 440 to view published certificates and CRLs, “Access Is Denied” error message, 420 358–359 access point, 494. See also wireless access Active Directory domain controller point (WAP) client security to traffic, 226–229 access token, 260, 494 testing, 227–229 account lockout policy, in security Active Directory domains templates, 9 Properties dialog box, General tab, 228 account logon events, tracking, 15, 445 trust relationships, 271–273, 272 account management events, tracking, 15, Active Directory object, auditing, 18 445–446 Active Directory Properties dialog box, 228 Account Policies Active Directory Sites and Services (ADSS), security template configuration, 12, 5, 494 12–14, 13 configuration, 407–408 in security templates, 9 Active Directory Users and Computers (ADUC), accountability trail, 14 COPYRIGHTED5, MATERIAL494 accounts Active Server Pages (ASP), SUS and, 111 Administrator account, renaming, 55, 56 AD.
    [Show full text]
  • Jim Allchin on Longhorn, Winfs, 64-Bit and Beyond Page 34 Jim
    0805red_cover.v5 7/19/05 2:57 PM Page 1 4 Scripting Solutions to Simplify Your Life Page 28 AUGUST 2005 WWW.REDMONDMAG.COM MrMr WindowsWindows Jim Allchin on Longhorn, WinFS, 64-Bit and Beyond Page 34 > $5.95 05 • AUGUST Make Room for Linux Apps Page 43 25274 867 27 Active Directory Design Disasters Page 49 71 Project1 6/16/05 12:36 PM Page 1 Exchange Server stores & PSTs driving you crazy? Only $399 for 50 mailboxes; $1499 for unlimited mailboxes! Archive all mail to SQL and save 80% storage space! Email archiving solution for internal and external email Download your FREE trial from www.gfi.com/rma Project1 6/16/05 12:37 PM Page 2 Get your FREE trial version of GFI MailArchiver for Exchange today! GFI MailArchiver for Exchange is an easy-to-use email archiving solution that enables you to archive all internal and external mail into a single SQL database. Now you can provide users with easy, centralized access to past email via a web-based search interface and easily fulfill regulatory requirements (such as the Sarbanes-Oxley Act). GFI MailArchiver leverages the journaling feature of Exchange Server 2000/2003, providing unparalleled scalability and reliability at a competitive cost. GFI MailArchiver for Exchange features Provide end-users with a single web-based location in which to search all their past email Increase Exchange performance and ease backup and restoration End PST hell by storing email in SQL format Significantly reduce storage requirements for email by up to 80% Comply with Sarbanes-Oxley, SEC and other regulations.
    [Show full text]